Avoid an Uber-style hack with a private data centrePosted by Colin Woods on 24/11 at 10:00 AM Data centre,
Security,

With news emerging that Uber lost 57 million records of customer data last year, the spotlight is firmly back on data security and storage. This becomes all the more relevant with the GDPR legislation coming into force in May 2018.

The formerly undisclosed cyber-attack was revealed earlier this week by the car sharing company, worth $60 billion, plus details of the $100,000 (£75,000) ransom paid for the data. This should put companies of all sizes on alert.

Uber has fired their chief security officer after it emerged that this wasn’t the only security breach that occurred. In 2014, they were fined $20,000 for not disclosing a less serious breach.

While Uber hasn’t confirmed which countries could be affected, the UK’s Information Commissioner’s Office (ICO) has begun investigating the company’s data protection procedures.

It is reported two hackers accessed a private area of the popular online developer resource, Github, and found the login for the cloud-based Amazon Web Services (AWS) where Uber stored its data.

Bad luck or a lack of foresight? This situation could have been avoided if Uber had invested in a private data centre with resilient back up and security.

The benefits of a private data centre would have meant that Uber could have secured the data with multi-factor authentication, constant network monitoring, tailored security and a next generation firewall.